scale: Side-Channel Attack Lab
SCALE: Side-Channel Attack Lab. Exercises
Alongside the implementation of cryptography in hardware and software, attacks on those implementations (plus associated countermeasures) form a central challenge in cryptographic engineering. This topic is sometimes termed physical security, but, either way, it contrasts sharply with traditional cryptanalysis by targeting the concrete implementation (vs. the abstract design, i.e., the underlying theory) via techniques such as side-channel attack. Beyond the obvious motivation, there are many position statements, e.g., see [1,2,3], that outline why this challenge is important. Thus, from an educational perspective, the question is how to equip students with an appropriate, associated skill set?
On one hand, it seems obvious a hands-on approach is preferable: this is an applied topic so actually doing it (assuming a background in the underlying or related theory), e.g., via Problem-Based Learning (PBL), would be most effective. Indeed, other initiatives have already used a similar approach, e.g., see . However, on the other hand, our experience is that some practical and/or logistical challenges remain. In particular, a PBL-based approach will demand some “problems” and, potentially, infrastructure for students to use. This fact act as a driver for the SCALE project: the goal is to provide a suite of material related to side-channel (and fault) attacks that are
- low-cost (i.e., has few if any barriers to use),
- accessible (i.e., offers a balanced, configurable difficulty level, between real-world and educationally focused examples),
- relevant (e.g., addresses modern challenges with tangible value and impact),
- coherent (e.g., well documented and supported), and
- effective (i.e., elicits appropriate learning outcomes).